Hi,
here go my 2 cents (pick your favourite currency).
- There is already a pilot European "CERT". As already said in a previous
message this pilot is about to finish and a decision will be taken on its
future, probably at the closed meeting mentioned previouly.
- All it takes to create a RIPE working group are interested people and
topics to work on.
- A RIPE wg is not a service provided by the RIPE NCC, it is a gathering of
people participating in the RIPE community to achieve a common goal.
- Naturally, a RIPE wg may request services from the RIPE NCC. At this
point is when potential financing would be involved (either through
equipment or people to carry out the work).
This thread has really initiated a lot of responses which seem to point
towards some concerns.
May be calling for a BOF at the coming RIPE meeting would be a good idea
but also some consideration ought to be given to whether some exisiting
wg(s) can do the work.
Eg. would be better to produce a document recommending the use of router
filters and anti-smurf configs better be done as a document inside the
working group (much like the flad dampening recommendations)?
The same goes for other subjects.
If there are enough specific issues for a group I don't think there would
be a problem creating one. However, I guess we all would like to avoid
duplication of efforts. If there is interest in a BOF at the next RIPE
meeting to disucss topics, then an initiative should be taken soon
(probably this week).
Regards,
Joao
At 12:19 +0100 6/9/99, Berislav Todorovic wrote:
>Dear collagues,
>>The traffic on this list has increased rapidly since we started to discuss
>various security details. Regrettably, almost no persons from various
>CERTs are subscribed to this list, while they deal with day-to-day
>requests for intrusion and attack coordination.
>>Therefore, a security-related RIPE WG might really be needed. Its aims
>would be to:
>>* enhance incident coordination among ISPs;
>* ensure exchange of ideas and experiences in network and systems security;
>* issue security-related recommendations and BCP documents;
>* establish tighter relatioship between the ISPs and the CERTs.
>>The group should be open to any interested party.
>>The group should also elect a representative who would participate in
>activities of the CERT and IRT community (meetings, workshops, mailing
>lists etc.) and/or provide continuous input from various CERTs and IRTs.
>>Few days ago, I received an interesting message from Karel Vietsch,
>Secretary General of TERENA, related to the subject we're talking about.
>I'm forwarding it, hoping it would be interesting for wider community
>(NOTE: the meeting, mentioned in Mr Vietsch's message is closed - only
>CERT community memebers can participate, but if we find time to create
>the Security-WG, a representative of the WG can apply to attend it):
>